New allegations that CSEC tracked the gadgets of travellers using Wi-Fi have some questioning their privacy â but experts say there’s little Canadians can do about it.
Last week I was interviewed by Global News about the revelations CSEC was collecting metadata emitted from wireless stations in Canada. This is the result.
Source: Alleged Wi-Fi tracking is out of Canadians’ control: privacy experts
We offer up volumes of private information about ourselves online and just assume we’re untouchable. But the latest revelations about
I had a chance to speak with The Current today about privacy, spying, and CSEC. It was really great to hear from the Interim Privacy Commissioner of Canada and Jacquelyn Burkell on these topics as well.
Source: With CSEC monitoring people in airports, how much spying is done on Canadians?
U of T post-doctoral fellow writes letter asking for detailed answers on consumer data sharing
Another article, this time in the UoT student newspaper, about the letters we sent to Canadian ISPs.
Source: Citizen Lab calls for government surveillance oversight
Christopher Parsons, a fellow at the Citizen Lab at the University of Toronto, a group that helped review the documents, added that while using corporate analytics may have been one possible attack vector, there could have been another.
“There’s a series of different kinds of identifiers—that’s not entirely clear from the documents,” he told Ars.
“It’s also theoretically possible that [CSEC] may be tapping into other identifiers. There’s going to be some global database that they’re pulling from. Whether it’s going to be cookies or another identifier. My thought would be [if not cookies] that if they’re looking for particular chat user names or e-mail that is also sent in clear or sent in clear often enough. One of [the] pieces about this [is] that it seems to indicate that it’s the act of logging on. It’s not clear that you have to make some particular action, it’s that the device[s] are likely to be sending out this kind of information upstream. It is possible that it’s your username every time you hit the mail server.”
He also noted that in Canada, the two major ISPs—Bell and Rogers—provide, by default, e-mail accounts on Microsoft and Yahoo, respectively.
So, he speculated, if CSEC was going to use such an e-mail username for instance, “that ISP is going to have a litany of personal information about a Canadian target, billing and everything else that they hold, whereas the cookie information may not provide [all that information.]”
Both Parsons and Weaver also added that the use of Tor, VPNs, and anti-tracking software (such as browser plugins like Disconnect or Ghostery) may help to somewhat thwart this type of tracking.
Source: New Snowden docs show Canadian spies tracked thousands of travelers
On Tuesday, Interim Privacy Commissioner Chantal Bernier called for more surveillance disclosure and a rewrite of Canada’s privacy laws
Christopher Parsons, a postdoctoral fellow at the Munk School of Global Affairs’ Citizen Lab, who studies state access to telecommunications data.Some of the recommendations in the report are similar to those made before – including a call for broader powers and more robust laws to allow watchdogs to do their job.
“Many of these suggestions the privacy commissioner has put forward are indicative of that office not being able to play its role. It doesn’t have the required powers to understand what’s going on in order to a) make things right or b) blow the whistle,” he said, later adding: “Should Canadians be concerned? Yeah. What the Commissioner’s office is saying is we do a good job, we do the best we can within our mandate, but our mandate is to narrow.”
Hopefully the Commissioner’s recommendations are implemented by the federal government given how pressing national security and signals intelligence issues have become.
Source: Experts weigh in on the state of Canadaâs spying rules
As it happens, last week, a group of academics and civil-liberties organizations, led by Christopher Parsons, a postdoctoral fellow at the University of Toronto, sent out a long questionnaire to 16 Canadian telecommunications carriers. For example, it asks the carriers how the types of the authorities’ requests break down, as among matters of child exploitation, terrorism, national security and foreign intelligence.
Nice to have been mentioned in the Globe’s Editorial!
But no politician should ever apologize for stealing a good policy idea. And it is a good idea. It is a brave idea, courageous even, which is usually enough to start political antennae tingling in veterans whose modus operandi is to never do anything for the first time.
John Ivison, “With Senate caucus expulsion, Trudeau is testing the depth of the water with both feet ”
As American telcoms operators take up the practice of publishing transparency reports showing how many law-enforcement requests they receive, Canadian activists are wondering why Canada’s telcoms sector hasn’t followed suit.
Source: Citizen Lab calls on Canada’s telcos to publish transparency report
More coverage of our letters to Canadian telecommunications service providers concerning how, when, under what conditions, and how often they disclose information to government agencies.
Source: Reveal extent of government data surveillance, campaign asks telecom companies
Prominent privacy and digital-security researchers send open letter to Bell, Rogers, Telus, Shaw and a dozen other companies
Nice coverage by the Globe and Mail
Source: Telecom firms being asked what data they are giving to police, intelligence agencies
Excited Pixels